[英]Meteor Update collection - Uncaught Error: Not permitted. Untrusted code may only update documents by ID. [403]
I am Learnign Meteor and came across this situation i was following along a Meteor tutorial on tuts plus. 我是Learnign Meteor并遇到了这种情况,我正在关注tuts plus的Meteor教程。 the code is exactly the same in video the update of collection occurs but in my browser it shows this error: 视频中的代码与集合更新完全相同,但在我的浏览器中显示此错误:
Uncaught Error: Not permitted. 未捕获错误:不允许。 Untrusted code may only update documents by ID. 不受信任的代码只能按ID更新文档。 [403] [403]
The code is here: 代码在这里:
Template.person.events({
'click': function (e, t) {
Session.set("edit-"+ t.data._id, true);
},
'keypress input': function(e,t){
if(e.keyCode === 13){
var docid = Session.get("edit-"+ this._id);
People.update(t.data, {$set: {name: e.currentTarget.value}});
Session.set("edit-"+ t.data._id, false);
}
}
});
For code that runs on the client side/browser side you can only use an _id
field as the query. 对于在客户端/浏览器端运行的代码,您只能使用_id
字段作为查询。 On the server you can run it as you please. 在服务器上,您可以随意运行它。
Modify your code so you get the document first then use its _id
to perform an update. 修改代码,以便首先获取文档,然后使用其_id
执行更新。
var person = People.findOne(t.data);
People.update({_id: person._id}, {$set: {name: e.currentTarget.value}});
I assume t.data
is some kind of query? 我假设t.data
是某种查询? If its an _id
try using {_id: t.data
as the query instead. 如果它的_id
尝试使用{_id: t.data
作为查询。 Either way so long as the selector of the update
only uses an _id
it should be fine. 无论哪种方式,只要update
的选择器只使用_id
它应该没问题。
The reason this might work on the tutorial you're following is this change was introduced more recently to lock down security. 这可能适用于您所关注的教程的原因是此更改最近被引入以锁定安全性。
Template.person.events({
'click': function (e, t) {
Session.set('edit-' + t.data._id, true);
},
'keypress input' : function(e, t) {
if (e.keyCode == 13) {
People.update(t.data._id, { $set: { name: e.currentTarget.value }});
Session.set('edit-' + t.data._id, false);
}
}
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.